Linkedin

Internet Dot fail - What is missing

The average web user today is not a network administrator nor are they savy about network security issues on the web. This however is not enough to stop millions of users from getting on-line daily to communicate with one another via sms, email, social media and digital calls.

"National and international laws have yet to catch up with the evolving need for privacy that comes with new technology. Several governments have also chosen to use malware to engage in extra-legal spying or system sabotage for dissidents or non-citizens, all in the name of “national security.”

Respect for individuals' autonomy, anonymous speech, and the right to free association must be balanced against legitimate concerns like law enforcement. National governments must put legal checks in place to prevent abuse of state powers, and international bodies need to consider how a changing technological environment shapes security agencies’ best practices." - EFF.org

Internet.org presents itself as a facilitating tool for the masses who want to get on-line at affordable prices in less developed areas.

"We’re also giving people more choice over the free basic services they can use.Our goal with Internet.org is to work with as many developers and entrepreneurs as possible to extend the benefits of connectivity to diverse, local communities.

To do this, we’re going to offer services through Internet.org in a way that’s more transparent and inclusive.Our approachAt the core of our efforts with Internet.org are non-exclusive partnerships with mobile operators to offer free basic internet services to people through Internet.org.

This is a set of basic websites and services to introduce people to the value of the internet, and that we hope add value to their lives.These websites are very simple and data efficient, so operators can offer these for free in an economically sustainable way.

Websites do not pay to be included, and operators don’t charge developers for the data people use for their services." - internet.org (6-24-2015)

This project lacks the basic needs for security for security conscious users ike myself who are very aware for the man-in-the-middle hacks and other security exploits that steal cookies to hijack end user credentials to use the internet. TLS/SSL and JavaScript are not allowed. Java itself is not a big deal however not allowing TLS security puts th users of that Internet.org project at rick of being left vulnerable to other users on the network.

"Websites must be built to be optimized for browsing on both feature and smart-phones and in limited bandwidth scenarios. In addition, websites must be properly integrated with Internet.org to allow zero rating and therefore can’t require JavaScript or SSL/TLS/HTTPS and must meet our technical guidelines." - internet.org (6-24-2015)

In countries like Uganda social media hacks are increasingly being used to embarrass high profile individuals by leaking pictures or videos that were meant to private. However a broader search on-line will show that is a fast growing problem worldwide.

As technology evolves and personal computers get more effective at deploying simpler tools that can perform sophisticated hacks these capabilities that used to be the tool of governments are increasingly being used by amateurs to wreck havoc on the common people.

Transport Layer Encryption (TLS is a critical tool for protecting the data privacy of users on the web